7.5
CVE-2006-6542
- EPSS 1.03%
- Veröffentlicht 14.12.2006 02:28:00
- Zuletzt bearbeitet 16.06.2026 22:33:20
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginSQL injection vulnerability in news.php in Fantastic News 2.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Fantastic News ≫ Fantastic News Version <= 2.1.4
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.03% | 0.591 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://www.vupen.com/english/advisories/2006/4931
https://exchange.xforce.ibmcloud.com/vulnerabilities/30834
https://www.exploit-db.com/exploits/2906